Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla Still Maintains Thunderbird but Discontinues Persona

Filed under
Moz/FF

Shutting down persona.org in November 2016

Filed under
Moz/FF

Hi Everyone,

When the Mozilla Identity team transitioned Persona to community
ownership, we committed resources to operational and security support
throughout 2014 [1], and renewed that commitment for 2015 [2]. Due to
low, declining usage, we are reallocating the project’s dedicated,
ongoing resources and will shut down the persona.org services that we run.

Persona.org and related domains will be taken offline on November 30th,
2016.

Read more

Latest Firefox 43.0.4 Now Available for All Ubuntu OSes

Filed under
Moz/FF
Ubuntu

Canonical has announced that the latest Firefox 43.0.4 version has been made available in the repositories for the users of Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS.

Read more

Mozilla Security

Filed under
Moz/FF
  • Mozilla Releases Thunderbird 38.5 with Address Book Improvements, Security Fixes

    Today, January 7, 2016, Mozilla has announced the immediate availability for download of the Mozilla Thunderbird 38.5.0 email, news and chat client for all supported platforms, including Microsoft Windows, Mac OS X, and GNU/Linux.

  • Mozilla Re-enables SHA-1 Certificate Support in Firefox

    SHA-1 does still matter as Mozilla backtracks on support. However, don't expect the company to support SHA-1 for the long term.

  • Man-in-the-Middle Interfering with Increased Security

    According to the plan we published earlier for deprecating SHA-1, on January 1, 2016, Firefox 43 began rejecting new certificates signed with the SHA-1 digest algorithm. For Firefox users with unfiltered access to the Internet, this change probably went unnoticed, since there simply aren’t that many new SHA-1 certs being used. However, for Firefox users who are behind certain “man-in-the-middle” devices (including some security scanners and antivirus products), this change removed their ability to access HTTPS web sites. When a user tries to connect to an HTTPS site, the man-in-the-middle device sends Firefox a new SHA-1 certificate instead of the server’s real certificate. Since Firefox rejects new SHA-1 certificates, it can’t connect to the server.

Meet Chirimen, a Firefox OS-Powered IoT Single-Board Computer Developed by Mozilla

Filed under
Moz/FF

Today we would like to introduce you guys to an upcoming development SBC (Single-board computer) called Chirimen, which is currently developed by Mozilla, the company behind the world's famous Firefox and Thunderbird software products.

Read more

Mozilla Firefox News

Filed under
Moz/FF
  • Mozilla hastily backpedals on SHA-1 ban after impact larger than thought

    The impact of Mozilla's decision to depreciate SHA-1 at the start of 2016 with the release of Firefox 43 turned out to be larger than it anticipated. As a result, Mozilla hastily released an update on Wednesday that re-enabled support for SHA-1 certificates as it seeks to better evaluate how many users might be affected.

    Firefox 43 was supposed to ratchet up security for its users as part of Mozilla's roadmap by dropping support only for new SHA-1 certificates, while continuing to support older SHA-1. The rationale behind this move was to present a clear disincentive for certificate providers to move away from SHA-1 without penalizing – as yet – existing SHA-1 certificates that are already in use.

  • Firefox’s ban of SHA-1 certs causing some security issues, Mozilla warns

    Mozilla has warned Firefox users that its decision to reject SHA-1 certificates has caused an unfortunate side effect: some man-in-the-middle devices, such as security scanners and antivirus products, are failing to connect to HTTPS sites.

    The browser maker advised any netizens affected by the interference to install the latest version of Firefox, which reinstates support for SHA-1.

  • Firefox 43.0.4 Fixes Folder Creation on Linux and Brings Back SHA-1

    Mozilla has released a new version of Firefox, 43.0.4, which is just a maintenance release that happens to have an important fix for the Linux platform.

  • Mozilla: 40 Percent of Firefox Users Don't Have Add-Ons Installed

    According to an internal analysis, Mozilla staff estimates, based on anonymous telemetry data, that around 40% of its userbase does not have add-ons installed on their browser.

CES 2016: Firefox OS Still Alive, Powering New Panasonic UHD TV

Filed under
Moz/FF

The open source Firefox OS will be used to power new Panasonic DX900 UHD TVs, Mozilla and Panasonic have announced.

Read more

Firefox OS will Power New Panasonic UHD TVs Unveiled at CES

Filed under
Linux
Moz/FF

Panasonic announced that Firefox OS will power the new Panasonic DX900 UHD TVs, the first LED LCD TVs in the world with Ultra HD Premium specification, unveiled today at CES 2016.

Panasonic TVs powered by Firefox OS are already available globally, enabling consumers to find their favorite channels, apps, videos, websites and content quickly and pin content and apps to their TV’s home screen.

Read more

Mozilla News

Filed under
Moz/FF
  • The Ghacks user.js Firefox privacy and security list has been updated

    Pants has created a light and dark version, and both are included in the archive that you can download so that you can access both HTML documents locally on your system.

  • News: Tutorials with node.js and jpm.
  • OpenBSD and Nightly Mozilla Firefox security.

    W^X ("Write XOR Execute"; spoken as W xor X[1]) is the name of a security feature present in the OpenBSD operating system. It is a memory protection policy whereby every page in a process' address space is either writable or executable, but not both simultaneously. from wikipedia.

  • Write XOR Execute JIT Support Lands For Mozilla Firefox

    As another recent Firefox Nightly change besides enabling WebGL 2 by default is that Firefox's just-in-time compiler supports W^X protection.

    OpenBSD has been leading the charge on using W^X by default -- Write XOR Execute. As explained in that earlier article, W^X implies "a memory policy of W^X -- write xor execute where memory can be marked as writable or executable but not both, in order to fend off potential exploits." One of the biggest roadblocks that OpenBSD faced enabling W^X were JIT engines of web browsers.

Syndicate content

More in Tux Machines

Latvian Ventspils controls costs with open source

The administration of Ventspils, Latvia’s sixth largest city, is an avid user of free and open source software. The main benefits: cost and resource optimisation. Read more

Ubuntu Touch finds a home on a conflict-free, fair-trade, user-maintainable handset

Handset maker Fairphone is teaming up with the community project UBports, which seeks to get Ubuntu Touch on mobile devices. They will be showing off Ubuntu Touch running on the Fairphone 2 during Mobile World Congress, which starts February 27 in Barcelona. While Ubuntu is probably not the first name that comes to mind when you think of mobile devices, the phone in question offers some compelling features. “UBports Foundation will be showcasing its work at the Canonical booth, the company behind Ubuntu. Canonical is planning to tell about the latest developments around the convergence of its devices and UBports Foundation will share its mission ‘Ubuntu On Every Device’ with the visitors,” UBports said in a February 8 press release. Currently, UBports’ website lists three devices as “fully working as daily drivers:” The OnePlus One, Nexus 5, and the Fairphone 2, with the latter showing all parts as functioning with Ubuntu Touch, save the GPS radio. (Interestingly, the UBports project website for the Fairphone 2 still lists the GSM radio [in addition to the GPS] as a work in progress. However there is a video of two people talking with the handset, so it’s likely the Fairphone 2 project website is out of date.) The website also has instructions for flashing Ubuntu to the Fairphone 2. Read more

BSD Leftovers

  • LLVM/Clang 4.0 Is Running Late Due To Seven Blocker Bugs
    LLVM 4.0 was supposed to have been released by now, but it's running late due to open blocker bugs. Hans Wennborg commented on the mailing list that while the release should have happened on 21 February, serving as release manager, he hasn't tagged the release yet due to open blocker bugs.
  • FreeBSD-Based pfSense 2.3.3 Open-Source Firewall Released with over 100 Changes
    Rubicon Communications' Jim Pingle announced the availability of a new point release to the pfSense 2.3 stable series, which adds over 100 improvements and a bunch of new features. Updated to FreeBSD 10.3-RELEASE-p16, the pfSense 2.3.3 maintenance release is here more than seven months after the 2.3.2 update and introduces several new packages, including TFTP Server, LCDproc, cellular, and tinc, a lot of improvements for the OpenVPN and IPsec implementations, as well as numerous stability and security fixes from FreeBSD. Dozens of bug fixes are included in pfSense 2.3.3 for WebGUI, graphs and monitoring, gateways and routing, notifications, Dynamic DNS, captive portal, NTP and GPS, DNS, resolver and forwarder, DHCP and DHCPv6 servers, router advertisements, HA and CARP, traffic shaping, firewall, rules, NAT, aliases, states, users, authentication, and privileges.
  • “Hi, I’m jkh and I’m a d**k”
    Yesterday, I was privy to a private email message discussing a topic I care deeply about. I contacted the author and said “You really need to make this public and give this a wider audience.” His response boiled down to “if I wanted it to get a wider audience, I was welcome to do so myself.” So here’s my first ever guest post, from Jordan K Hubbard, one of the founders of the FreeBSD Project. While this discussion focuses on FreeBSD, it’s applicable to any large open source project.

Linux Graphics